Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header)


On Thu Feb 05 2015 at 1:49:29 PM Chris Palmer <> wrote:

> On Thu, Feb 5, 2015 at 1:18 PM, Brad Hill <> wrote:
> > Just FYI, that the websec WG in the IETF is basically in the process of
> > being decommissioned, so getting a standards-track RFC number for an
> updated
> > HSTS draft isn't likely to be a quick exercise.
> And that is a good thing. Standards should standardize existing
> known-to-work practice, not be untried designs (by committee). I
> suggest: document any HSTS extensions in Internet-Draft form; get 2
> open source implementations, try it out for a while and see if it
> works and if people really want it; and then optionally RFC-ify later.

Received on Thursday, 5 February 2015 21:53:05 UTC